Header graphic for print

HL Chronicle of Data Protection

Privacy & Information Security News & Trends

Posted in International/EU Privacy

Prepare Yourself for the ‘Risk-Based’ Approach to Privacy

Assuming a fair amount of hard work and that the EU institutions are able to put their political skills to good use, 2015 may be the year that sees the culmination of a legal modernisation process that has been running for the best part of four years. It was in 2010 when the European Commission formally acknowledged that the 1995 Data Protection Directive was ready for a makeover to address the privacy and data protection needs of the 21 century. Since then, stakeholders covering a whole spectrum of views have participated in a process that is approaching a decisive stage. In early 2014, the European Parliament came forward with a bold proposal to amend the Commission’s original draft and put the ball firmly in the Council of the EU’s court. As the Council finalises its own proposal, a picture of what the new framework will look like is starting to emerge. Continue Reading

Posted in Cybersecurity & Data Breaches

Conference on Medical Device and Healthcare Cybersecurity Highlights New Challenges

The medical internet of things is coming. That was the common recognition of participants at a two-day public workshop on “Collaborative Approaches for Medical Device and Healthcare Cybersecurity” co-sponsored by the Food and Drug Administration (FDA), Department of Health and Human Services (HHS), and the Department of Homeland Security (DHS). The workshop comes during a busy month for medical device cybersecurity, with the FDA issuing final guidance earlier this month and DHS indicating that it is reviewing dozens of potential cybersecurity vulnerabilities in medical devices. Continue Reading

Posted in News & Events

Hogan Lovells Launches Unmanned Aircraft Systems Group

As commercial use of unmanned aircraft systems (UAS) begins to take flight, the Hogan Lovells Privacy and Information Management practice has partnered with colleagues across the firm to respond to the needs of manufacturers and operators of UAS.  The launch of the group comes at a time when government activity to regulate UAS is creating both new opportunities and risks in the marketplace.  Continue Reading

Posted in Financial Privacy

CFPB Finalizes Rule to Ease GLBA Privacy Notice Requirements

The Consumer Financial Protection Bureau (CFPB) has finalized a proposed rule that will eliminate the need for certain financial institutions to mail annual privacy notices to their customers, so long as the institutions publish their privacy notices online and engage only in limited sharing of customer information.  Continue Reading

Posted in International/EU Privacy, News & Events

Upcoming Webinar on Russian Data Localization Law

On Tuesday, October 28, Natalia Gulyaeva of Hogan Lovells’ Moscow office and Bret Cohen of our Washington, D.C. office will host a complimentary webinar outlining implications for businesses of the new Russian data localization law. The law, which may come into effect as early as January 2015, requires that data “operators” – organizations that process personal data of Russian citizens, including providers of Internet-based services – store the personal data of Russian citizens on databases located in the country. Continue Reading

Posted in International/EU Privacy

German Data Protection Authorities Issue Resolution on Connected Cars

The Conference of the German Federal and State Data Protection Authorities during its last meeting on 8 and 9 October adopted the resolution “Data Protection in the Car”. The resolution expresses a concern about what it describes as privacy risks involved in the growing collection and processing of personal data in cars, and the interests of various actors (car manufacturers, service providers, insurance companies, employers) in using those data. Continue Reading

Posted in Cybersecurity & Data Breaches

Hogan Lovells Partner Highlights How Boards and Management Can Prepare for a Cybersecurity Breach

Corporate boards and senior management are more focused than ever before on cyber incident prevention and preparedness. Recently thecorporatecounsel.net, an influential resource for corporate governance lawyers, addressed this topic in a program titled “Cybersecurity: Working the Calm Before the Storm,” describing what the board and senior management can do to prepare for the inevitable cybersecurity breach. The program featured Hogan Lovells Partner Harriet Pearson.

To read the transcript, click here.

To listen to “Cybersecurity: Working the Calm Before the Storm” (subscription required), click here.

Posted in News & Events

Preview of the Global Data Protection Conference in Mauritius: Hogan Lovells Partner to Play Prominent Role

<p align="leftFrom 13 to 16 October 2014, privacy regulators and data protection authorities from around the world will be gathering together with experts in the field – including our London-based partner Eduardo Ustaran – to discuss, debate and hopefully agree on how to address the toughest privacy challenges of our time.  The 36th International Conference of Data Protection and Privacy Commissioners is entitled “A World Order for Data Protection – Our Dream Coming True?”  This year’s conference is taking place in Mauritius, a clear sign of the truly global nature of this issue. Continue Reading

Posted in Consumer Privacy

FTC Reminds Broadband Providers of their Data Privacy and Security Obligations

The Federal Trade Commission (FTC) recently submitted comments to the Federal Communications Commission (FCC) in which it reminded broadband Internet service providers that they are subject to several data privacy and security laws enforced by the FTC.  The FTC’s comments underscore why broadband providers – as well as their vendors and business partners – must keep a close watch on both FCC and FTC developments in the privacy and security space.

Continue Reading

Posted in Cybersecurity & Data Breaches, Health Privacy/HIPAA

OCR and NIST Host Conference and Provide Insights on Safeguarding Health Information

Government officials emphasized the importance of risk analysis and risk management in safeguarding PHI at the Seventh Annual “Safeguarding Health Information: Building Assurance Through HIPAA Security” conference held from September 23–24, 2014, and co-hosted by the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR).  The following themes emerged during the conference: Continue Reading